Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 245
  • Last Modified:

How to map/configure 2 mail servers behind a firewall on the same lan/subnet

I have a firewall which has 2 mail server's public smtp and pop ips mapped to internal ips  via NAT one-to-one translation on ports 25 and port 110.
Example :
               Mail Server 1
               smtp.abc.com ( 66.92.81.1) map on (port 25) to 192.168.100.5                          
               pop.abc.com ( 66.92.81.2) map on  (port 110) to 192.168.100.6

               Mail Server 2
               smtp.xyz.com  ( 66.92.81.3) map on (port 25) to 192.168.100.10
               pop.xyz.com  ( 66.92.81.4) map on (port 110) to 192.168.100.11

The problem is if I turn both smtp servers on , 1 or the other emails does not work

How how should I map/configure the 2 mail servers or similar ports behind a firewall on the same lan/subnet ?
Whats the right way to do this?
0
texter777
Asked:
texter777
1 Solution
 
lrmooreCommented:
They should work fine just as they are.
What kind of firewall do you have? Perhaps there is something not configured correctly in it?
0
 
texter777Author Commented:
sonicwall pro 2040.

Mapping one-to-one nat translation.

Rules
---------------
a) Allow  *   192.168.100.5 (LAN) Retrieve E-Mail (POP3)   [exchange server]
b) Allow  * 192.168.100.6 (LAN) Send E-Mail (SMTP)   [gfi mail essentials relay]

c)  Allow  *  192.168.100.10 (LAN) Retrieve E-Mail (POP3)  [mailserver2]
d)  Allow  *  192.168.100.10 (LAN) Send E-Mail (SMTP)  [mailserver2]

e) Allow  *  192.168.100.5 (LAN) Web (HTTP) Allow  [mailserver1]
++For webmail access
f)  Allow  *  192.168.100.10 (LAN) Web (HTTP) Allow  [mailserver2]
++for webmail access
0
 
dlmarioCommented:
Hi texter777,

there schould no problem using multiple SMTP, POP or IMAP servers in the same subnet. Are you sure you are using 4 IP addresse where you are doing NAT from? Why do you NAT your Network, when you have four external addresses?

For me it seems like you are using one external IP (a DSL for example) and doing NAT from this IP to your private subnet, isnĀ“t it?

If not, it should be a setting on your router. Is it possible to do a tcpdump on the mailservers? Are you using linux machines?

However, theoretical there can not be a problem using more than one mailserver in a network segment - providers are doing the same ;-)

/Mario
0
 
texter777Author Commented:
Guys,
Thanks for your input.
Mario ,
Avoiding external addresess (dual nics) or DMZ , by using one-to-one NAT.
This method has its con side too, but since we have a kickass hardware firewall ,
have chosen to go with one-to-one NAT mapping.

I think Ive found the problem.
Interesting indeed....
The 2 nd mail server SMTP was bound ONLY ON the LAN IP address 192.168.100.10
and not on "All Addresses" .

This excluded the local loop (127.0.0.1),which made it unable for the SMTP to natively transfer the email to the POP3 mailboxes/service.

Hence I wasnt seeing the mail in my pop3 box.

Peace.
Texter

0
 
Computer101Commented:
PAQed with points refunded (100)

Computer101
EE Admin
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now